Product:

Bento4

(Axiosys)
Repositories https://github.com/axiomatic-systems/Bento4
#Vulnerabilities 162
Date Id Summary Products Score Patch Annotated
2022-09-14 CVE-2022-40438 Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. Bento4 6.5
2022-09-14 CVE-2022-40439 An memory leak issue was discovered in AP4_StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. Bento4 6.5
2022-09-15 CVE-2022-40736 An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp. Bento4 6.5
2022-09-15 CVE-2022-40737 An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields. Bento4 6.5
2022-09-15 CVE-2022-40738 An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write. Bento4 6.5
2022-09-18 CVE-2022-40774 An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize. Bento4 5.5
2022-09-18 CVE-2022-40775 An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields. Bento4 5.5
2022-10-03 CVE-2022-41419 Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_Processor::Process function in the mp4encrypt binary. Bento4 6.5
2022-10-03 CVE-2022-41423 Bento4 v1.6.0-639 was discovered to contain a segmentation violation in the mp4fragment component. Bento4 6.5
2022-10-03 CVE-2022-41424 Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls. Bento4 6.5